Traditional approaches to combatting cyber threats focuses on securing endpoints and networks through reactive security measures that are focused on securing computing (or communication) devices. Anti-virus programs, for example, can be used to detect malicious software associated with local system-level attacks (e.g., a virus attached to an email) and, when defenses have already been breached, to quarantine dangerous files that are detected within a computer system. Firewalls and other edge security devices can be used to establish a perimeter around sensitive systems by controlling the passage of information between networks, so as to reduce the risk of unauthorized interactions.
Modern cyber threats, however, evolve alongside computer technology, and attackers can be expected to leverage whatever means are available in order to compromise or bypass traditional defenses. The development and expansion of social media and social networks, for instance, has introduced significant information security risk to both individuals and organizations. These risks include targeted social-based cyber-attacks, fraud, impersonations, and social engineering, among others.